nginx-proxy-manager icon indicating copy to clipboard operation
nginx-proxy-manager copied to clipboard
Published 3 weeks ago verified publisher icon NginxProxyManager

Allow Propagation Seconds > 600 for slow DNS providers (e.g. netcup needs 900–1800s)

Open samcux opened this issue 1 month ago • 3 comments

Some DNS providers (notably netcup) have very long DNS propagation times for TXT records used in DNS-01 challenges.

Projects like certbot-dns-netcup and Traefik have documented that netcup DNS zones are only reloaded roughly every 10 minutes, and in some cases propagation can take up to 20 minutes, so values of ≥900s (and practically often 1200–1800s) are recommended.

In Nginx Proxy Manager’s new React-based certificates UI, the Propagation Seconds input has a hardcoded maximum of 600.

This makes it impossible to configure a propagation delay that matches netcup’s behaviour. As a result, Let’s Encrypt DNS-01 validation with the built-in netcup plugin tends to fail on the first attempt, and sometimes repeatedly, simply because the TXT record is not visible yet.

The back end / certbot plugin itself can handle higher propagation values; the limitation seems to exist only in the front end.

Pls increase the hard limit to something like 7200 (2 hours) to cover all realistic cases.

samcux avatar Nov 18 '25 15:11 samcux

Right, the old version supported more? Also can you add a screenshot?

7heMech avatar Nov 19 '25 10:11 7heMech

Image

samcux avatar Nov 19 '25 10:11 samcux

Try this image nginxproxymanager/nginx-proxy-manager-dev:pr-4966

7heMech avatar Nov 19 '25 12:11 7heMech